Information Security Senior Officer / Supervisor
Responsible for providing development, implementation, testing, education, and maintenance of a standardized company-wide Business Continuity and Information Security for Uwalet company, to prevent and detect impacts of crises or disasters when they occur and minimize their effects.
- Manage UWallet information security practice and represent UWallet in meetings with the CBJ or other similar organizations.
- Establish a cyber security & business continuity program and policy and ensure the execution of the program with regular review and updates.
- Perform penetration testing for the UWallet environment (mobile & web applications and internal infrastructure).
- Manage the cyber security & business continuity program and policy, assess the efficiency and completeness of the cyber security program, and ensure regular review and update of the security controls.
- Identify and assess cyber risks.
- Prepare regular and ad-hoc reports (such as deviations associated with the implementation of the cyber security policies and procedures, cyber security risks assessment results, and cyber security program assessment in terms of completeness and efficiency) and come up with recommendations/ actions to be implemented, identify new requirements, identify threats and breaches related to the company.
- Develop and implement a cyber attack response plan for instant response and recovery from any cyber attack and continuously test and update it based on previous experiences and lessons learned from external parties.
- Identify any missing security solutions that might be needed and help with sizing and evaluating proposals.
- Review and validate newly developed policies and procedures.
- Review the network and systems regularly to ensure secure configuration.
Bachelor Degree in Computer Science, Computer Engineering, Cyber Security or any related field or any other related field. Master degree in Cyber Security is a plus
Level of Experience:
Intermediate Experience in a related field
Certifications & Licensure
- ISO 27001 certification
- ISO 22301 certification
- CISM certification
- Security +
- Penetration testing certification
- OSCP (Offensive Security Certified Professional)
- OSCE (Offensive Security Certified Expert)
- Digital Forensics
Technical Skills & Knowledge
- Cyber Security Management & Governance
- Good knowledge of security assessments
- Good skills in penetration testing and vulnerability assessment
- Good knowledge in business continuity management
- Skills in auditing and testing methodologies
- Risk management: risk assessment techniques, mitigation techniques, risk probability, and estimation
- Analysis techniques
- Information security management: information security liabilities, information security processes procedures & policies, security authentication, security and safety measures
- Asset management: capacity planning, technology assets management
- Project management: project planning tracking, project reporting, issue resolution